 | Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |
In a firewall filter term, you can define conditions used to match the components of a packet. To configure match conditions, include the from statement:
- from {
-
match-conditions;
- }
For IPv4 traffic, configure the match conditions at the [edit firewall family inet filter filter-name term term-name] hierarchy level. For IPv6 traffic, configure the match conditions at the [edit firewall family inet6 filter filter-name term term-name] hierarchy level. For MPLS traffic, configure the filter terms at the [edit firewall family mpls filter filter-name term term-name] hierarchy level.
For traffic in a bridging environment, configure the match conditions at the [edit firewall family bridge filter filter-name term term-name] hierarchy level. The bridge option is supported only on MX-series routers. You can configure filters to match on Layer 2, Layer 3, and Layer 4 fields. Although interfaces configured for bridging can receive both IPv4 and IPv6 traffic, Layer 3 and Layer 4 match conditions currently support IPv4 traffic only. For more information about the filter match conditions supported for traffic in a bridging environment, see Table 31.
You can specify zero or more match conditions in a single from statement. For a match to occur, the packet must match all the conditions in the term. For more information about match conditions, see Filter Match Conditions.
The from statement is optional. If you omit it, all packets are considered to match.
| Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |